[mail-vet-discuss] What is the A-R header really for?
Michael Thomas
mike at mtcc.com
Tue Oct 16 17:18:28 PDT 2007
Murray S. Kucherawy wrote:
> Tony Hansen wrote:
>>
>> Not at all. MUAs shouldn't just *display* the results of A-R as an
>> indication of goodness/badness of the sender. However, it can certainly
>> process the A-R information and *combine* it with reputation and/or
>> accreditation information in order to generate something that CAN be
>> displayed to the end user.
>>
> I think MUAs should be free to indicate, without even consulting
> reputation, an authentication result that fails (i.e. a forgery of
> some kind).
>
> The opposite, expressing "you should trust this", definitely requires
> reputation.
Well, as a reality check Y! mail does annotate the verification passing
and the world has continued to spin. Getting into this sort of UI guideline,
IMO, is best left to UI and usability experts which I don't think any of us
are. Which is to say that we should avoid it.
Mike
More information about the mail-vet-discuss
mailing list